Security Management at Capital Power. Ross Johnson, CPP Senior Manager Security & Contingency Planning
|
|
- Ethelbert Morris
- 5 years ago
- Views:
Transcription
1 Security Management at Capital Power Ross Johnson, CPP Senior Manager Security & Contingency Planning 1
2 Capital Power Capital Power (CPX:TSX) is a growth-oriented North American power producer headquartered in Edmonton, Alberta. The company develops, acquires, operates and optimizes power generation from a variety of energy sources. Capital Power owns more than 3,600 megawatts of power generation capacity at 15 facilities* across North America. An additional 595 megawatts of owned generation capacity (including the Shepard Energy Centre) is under construction or in advanced development. *As of December Excludes the 5-MW Clover Bar Landfill Gas plant. 2
3 Capital Power Generation Portfolio* 4 * Excludes the 5-MW Clover Bar Landfill Gas plant 3
4 Security & Contingency Planning Senior Manager, Security & Contingency Planning Senior Advisor, Physical Security Forensic Investigations Specialist Senior Advisor, Contingency Planning (20%) Security Administrator Security Guard Force (11 people) 4
5 Security Management Program Elements 1. Security Management Program 2. Security Risk Management 3. Information Security Management 4. Personnel Security 5. Physical Security 6. Security Incident Management 7. Contingency Planning 8. Threat Response Planning 9. Evaluation & Review 10. Continuous Improvement 5
6 Security Management Program Vision Statement To assist the Corporation in maintaining a competitive advantage by providing successful, innovative, and costeffective security and contingency planning solutions to ensure the protection of our people, assets, and reputation. Mission Statement To protect the Corporation s people, assets and reputation through leadership, technology, and innovation while building an environment that enables the business through consultation, cooperation, honesty and integrity. 6
7 How We Will Achieve Our Vision All solutions produced by Capital Power Security & Contingency Planning will be tested against three questions: 1. Does it meet the security and cost requirements as agreed in advance with the stakeholders? 2. Does it meet the security requirement with the minimum expenditure of money and resources? 3. Does it meet the security requirement with the minimum use of manpower? A project is not complete until we can answer yes to all three questions. 7
8 Security Risk Management Threat Intelligence Public Safety Canada Natural Resources Canada DHS ES-ISAC Industry Security assessments Facility Risk Profile Monthly evaluation Corporate Hazard Event Risk Profile Monthly evaluation 8
9 Information Security Management Classification and labelling Handling Training Incident reporting and investigation Audit, compliance, and disaster recovery 9
10 Personnel Security Access control Employee terminations Fraud prevention program Governance Risk assessment Prevention Detection Investigation & corrective action Security awareness 10
11 Physical Security Minimum physical security guidelines Vehicle searches Signage standards Chain-link fencing standards CCTV cameras Copper theft prevention Guard force management 11
12 Access Control Facility Type Fence with Top Guard Fenceline Intrusion Detection CCTV/Lighting Electronic Card Access Interior Intrusion Detection Locked Fence Gates with CCTV Locked Exterior Access Doors Visitor Management Background Checks for all Unescorted Personnel Signage Critical Asset Manned Power Plant During Silent Hours Unmanned Power Plant Control Room PEECC Switchyard Non-Critical Asset Thermal Power Plant See Note 1. During Silent Hours Wind Facility Solar Facility Control Room PEECC Switchyard Office Building/Data Centre Construction Site Optional 12
13 Guards Regulatory Requirements Facility Type Fixed Post Mobile Patrols SafeWalk Program Security Shuttle NERC/ARS CIP- 001 NERC/ARS CIP- 002 to CIP-009 Critical Asset Manned Power Plant Unmanned Power Plant Control Room PEECC Switchyard Non-Critical Asset Control Room PEECC Thermal Power Plant Switchyard Wind Facility Solar Facility Office Building/Data Centre Guards may be used if deemed necessary because of local security conditions Capital Power Security will assist with assessment Construction Site 13
14 Security Incident Management Incident reporting Investigations Workplace violence incident management 14
15 Contingency Planning Business Continuity Management Emergency Response Program Crisis Management Planning 15
16 Threat Response Planning Threat and vulnerability assessment Security measures Observation plan Random security measures Response plan Communications Training and review 16
17 Our Next Challenge Our next challenge is the transition to an enterprise security model, integrating physical, cyber, and industrial control system security 17
18 Questions? Ross Johnson, CPP 1 (780)
19 David Godfrey Security & Facilities Manager
20 Texas Municipal Power Agency Texas Municipal Power Agency (TMPA) is a joint action agency created in 1975 by the Texas Legislature to provide reliable electric power in an economically competitive and efficient manner to its four Member Cities. TMPA owns 470 megawatts of power generation and 11 substations all within the ERCOT region. Combined TMPA owns over 18,800 acres of land including a reservoir which is open to the public.
21 Security & Facilities As in most small organizations the Security & Facilities Manager wears a multitude of hats Physical Security Manager Facilities Manager Parks & Recreation Manager Public Relations Manager Communications Manager Special Projects Manager
22 Security Management Elements 1. Physical Security Management Generation Transmission Park All other land holdings 2. Security Risk Management 3. Personnel Security 4. Incident Management 5. Threat Response 6. Security Training
23 Security Management Goals To provide a safe and secure workplace for our employees People come First. and To protect TMPA s assets and reputation by assessing all agency assets and providing appropriate security measures that are reliable, effective, and economical.
24 Security Risk Management Threat Intelligence Joint Terrorism Task Force (JTTF) Local Law Enforcement Texas Fusion Center DHS ERCOT ES-ISAC Our Employees Physical Threat Vulnerability Assessment (TVA) Annual and Spot Check Security Evaluations
25 Personnel Security Access Control CCTV Fraud prevention Governance Anonymous Hotline Prevention Investigation & corrective actions up and including termination Security awareness
26 Physical Security Security Policies and Procedures Access Control CCTV Chain-link Fence Standard Signage Fence Detection Systems Law Enforcement Patrol
27 Security Training Yearly Emergency Coordination Exercise (which always includes a security component) Periodic security reminders to employees (piggy backing, vigilance, reporting) State and Federal Law Enforcement Exercises Local Law Enforcement Exercises Local Fire Department Exercises
28 QUESTIONS?
29 April 16, 2014
30 Tri-State s mission is to provide reliable, cost-based electric energy to our member systems consistent with cooperative principles VP Western Division of G4S Secure Solutions regional conference 2
31 Tri-State Generation and Transmission Association is a wholesale power supplier owned by 44 electric cooperatives and public power districts Serving a population of approximately 1.5 million people VP Western Division of G4S Secure Solutions regional conference 3
32 Tri-State wholly or partially owns, or has power purchase agreements, for a number of generating facilities located throughout its four-state service territory
33 Transmission system Tri-State owns, operates and maintains a 5,213- mile high-voltage transmission network throughout four states 359 delivery points 250,000-square-mile service territory
34 Employees Tri-State employs nearly 1,600 people at offices, power plants and field locations throughout the region
35 Enterprise security mission We will be the enterprise-wide resource for Tri- State regarding the protection of people, information, and assets. We will partner with key personnel to plan, deploy, and maintain programs that promote a customer-oriented, results driven security culture to support compliance while promoting a safe and secure work environment.
36 Enterprise security responsibilities Security force management Investigations Compliance with Tri-State s NERC cyber security standards program Compliance with Tri-State s DHS chemical facility anti-terrorism standards program Electronic security systems management Federal agency and law enforcement liaison Electronic security systems installation Security vulnerability assessments
37 Security force management 37 armed G4S CPO officers in 5 locations Headquarters Lobby entry SOC Area vehicle patrol 3 generation facilities 1 coal mine 1 G4S program manager Recurring training & testing
38 Investigations Type of Investigation Department/Position Responsible Assaults & Crimes against persons: Employee/Employee Assaults & Crimes against persons: Outside Party/Contractor Check Fraud Copyright / Proprietary Information Disciplinary Investigations for Misconduct Due Diligence EEOC (Equal Employment Opportunity Commission) Employee Misconduct Environmental Incidents Internet/ Misuse Inventory Discrepancies/Unexplained Shrinkage: Inventory Inventory Discrepancies/Unexplained Shrinkage: IT Mechanical Failures Misuse or Abuse of Computer or IT Systems OSHA Complaint Outages or Switching Errors Personnel Security and Background Regulatory Compliance Sabotage: Cyber Sabotage: Employee Sabotage: Generation or Production Sabotage: Reliability Safety Related Accident Substance Abuse/Fitness for Duty Theft: Computer/Laptop Theft: Inventory Theft: Tri-State Property (by EXTERNAL party) Theft: Tri-State Property (by INTERNAL party) Travel & P-Card Misuse Workers Comp EMPLOYEE SERVICES ENTERPRISE SECURITY CASH MANAGEMENT LEGAL or OUTSIDE LEGAL HELP EMPLOYEE SERVICE BUSINESS UNIT LEADING ACQUISITION EMPLOYEE SERVICES EMPLOYEE SERVICES ENVIRONMENTAL IT OPERATIONS INVENTORY CONTROL MANAGER ENTERPRISE SECURITY PLANT MANAGERS IT OPERATIONS CORPORATE SAFETY RELIABILITY COMPLIANCE, TRANSMISSION SYSTEM OPERATIONS ENTERPRISE SECURITY and EMPLOYEE SERVICES CORP. SAFETY, EMPLOYEE SERVICES, ENVIRONMENTAL, LAND RIGHTS, FINANCIAL SERVICES, RELIABILITY COMPLIANCE IT OPERATIONS EMPLOYEE SERVICES ENTERPRISE SECURITY RELIABILITY COMPLIANCE CORPORATE SAFETY EMPLOYEE SERVICES ENTERPRISE SECURITY INVENTORY CONTROL MANAGER ENTERPRISE SECURITY EMPLOYEE SERVICES EMPLOYEE SERVICES 3rd PARTY HIRED BY TSGT
39 Compliance Compliance with Tri-State s NERC cyber security standards & DHS chemical facility anti-terrorism standards programs Evolving requirements Documentation Audits Initial & ongoing expense Enterprise-wide awareness
40 Electronic security systems management Access Control Johnson Controls P2000 system 350+ readers in 30+ facilities Surveillance ONSSI Ocularis VMS 300+ cameras in 20+ facilities Axis & VideoIQ 100% digital IP Transitioning legacy equipment to Axis 5MP IP Security operations center Yearly capital improvements 20 per year Security systems technician on staff
41 Federal agency and law enforcement liaison Participation locally in: InfraGard ASIS UASI Quarterly regional contact: FBI DHS State homeland security Local county sheriff Local police
42 Security vulnerability assessments Recurring written assessments 3 years for priority assets HQ, BCC & Hangar Larger power plants Regional service centers 5 years for others CT generation facilities Small service centers Brief results & recommendations to management
43 Challenges Government regulation NERC CIP CFATS Metal theft Safe and secure environment with budget constraints Security officer training Security culture and awareness within business units Preparing for electric utility security in 2020 and beyond
44 VP Western Division of G4S Secure Solutions regional conference 16
Security Management Seminar
SSID PSAV_Event_Solutions Passcode NERC0001 Security Management Seminar Ross Johnson, CPP Capital Power Edmonton, Alberta Security Management Programs Agenda Security Risk Management Design Basis Threat
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationSecurity Guideline for the Electricity Sub-sector: Physical Security Response
Security Guideline for the Electricity Sub-sector: Physical Security Response Preamble: This guideline addresses potential risks that can apply to some electricity sub-sector organizations and provides
More informationA Framework for Managing Crime and Fraud
A Framework for Managing Crime and Fraud ASIS International Asia Pacific Security Forum & Exhibition Macau, December 4, 2013 Torsten Wolf, CPP Head of Group Security Operations Agenda Introduction Economic
More informationSecurity Standards for Electric Market Participants
Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system
More informationTSA/FTA Security and Emergency Management Action Items for Transit Agencies
TSA/FTA Security and Emergency Management Action Items for Transit Agencies AACTION ITEM LIST Management and Accountability 1. Establish Written System Security Programs and Emergency Management Plans:
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationPhysical security advisory services Securing your organisation s future
Physical security advisory services Securing your organisation s future August 2018 KPMG.com/in Physical security threats on the rise In a dynamic geo-political, economic and social environment, businesses
More informationLow Impact Generation CIP Compliance. Ryan Walter
Low Impact Generation CIP Compliance Ryan Walter Agenda Entity Overview NERC CIP Introduction CIP-002-5.1, Asset Classification What Should Already be Done CIP-003-7, Low Impact Requirements Tri-State
More informationBest Practices for Campus Security. January 26, 2017
Best Practices for Campus Security January 26, 2017 Welcome to Safe University (Safe U ) Protecting People, Property, and Tradition: The Safe University (Safe U SM ) Program By G. Michael Verden, Owner
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Advisors and Special Event Domestic Incident Tracker Overview Federal
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Organisation for the Prohibition of Chemical Weapons September 13, 2011 Overall Landscape
More informationOffice of Infrastructure Protection Overview
Office of Infrastructure Protection Overview Harvey Perriott Protective Security Advisor North Texas District U.S. Department of Homeland Security Vision and Mission Vision A safe, secure, and resilient
More informationBusiness Continuity: How to Keep City Departments in Business after a Disaster
Business Continuity: How to Keep City Departments in Business after a Disaster Shannon Spence, PE Red Oak Consulting, an ARCADIS group Agenda Security, Resilience and All Hazards The Hazards Cycle and
More informationBusiness Continuity An Integral Part of Risk Management At Constellation Energy
Business Continuity An Integral Part of Risk Management At Constellation Energy World Disaster Management Conference Toronto, Canada June 19, 2006 Robert W. Cornelius Director Business Continuity Operating
More informationCanada Life Cyber Security Statement 2018
Canada Life Cyber Security Statement 2018 Governance Canada Life has implemented an Information Security framework which supports standards designed to establish a system of internal controls and accountability
More informationCIP-014. JEA Compliance Approach. FRCC Fall Compliance Workshop Presenter Daniel Mishra
CIP-014 JEA Compliance Approach FRCC Fall Compliance Workshop Presenter Daniel Mishra Acronyms & Terminologies DHS Department of Homeland Security JEA It s not an acronym JSO Jacksonville Sheriff's Office
More informationCorporate Security & Emergency Management Summary of Submitted 2015 Budget From Rates
Corporate Security & Emergency Management Summary of Submitted 2015 From Rates Service Expense 2014 2015 Revised Non Tax Revenue Net Tax Supported Expense Draft Non Tax Revenue Net Tax Supported Increase
More informationBusiness Continuity Planning
Business Continuity Planning The Unexpected Happens Be Ready Copyright -Business Survival Partners, llc. 2011 - All Rights Reserved www.survivalpartners.biz RISK 2 Risks to National Security A secure and
More informationManagement. Port Security. Second Edition KENNETH CHRISTOPHER. CRC Press. Taylor & Francis Group. Taylor & Francis Group,
Port Security Management Second Edition KENNETH CHRISTOPHER CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business Preface
More informationLive Webinar: Best Practices in Substation Security November 17, 2014
Live Webinar: Best Practices in Substation Security November 17, 2014 1 Agenda & Panelists Welcome & Introduction - Allan Wick, CFE, CPP, PSP, PCI, CBCP Enterprise Security Manager-CSO Tri-State Generation
More informationGuelph Police Service
Guelph Police Service The Guelph Police Service provides policing services to the City of Guelph and has an authorized complement of 196.5 police officers and 89.42 civilians. We serve our community by
More informationEmergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:
Emergency Support Function #12 Energy Annex ESF Coordinator: Department of Energy Primary Agency: Department of Energy Support Agencies: Department of Agriculture Department of Commerce Department of Defense
More informationThe Office of Infrastructure Protection. Background. Purpose 6/13/2016. National Protection and Programs Directorate Department of Homeland Security
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Measures for Public Gatherings Western Region Healthcare Emergency Preparedness
More informationEMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY
EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY PRIMARY AGENCY: SUPPORT AGENCIES: Savannah-Chatham Metropolitan Police Department Armstrong-Atlantic Campus Police Department Bloomingdale
More informationKansas City s Metropolitan Emergency Information System (MEIS)
Information- Sharing Interagency Cooperation Resources Management Law Enforcement Fire Emergency Medical Services Public Health Private Sector Kansas City s Metropolitan Emergency Information System (MEIS)
More informationEXECUTIVE ORDER Chemical Facility Safety and Security: Providing ProtecFon Reduces Risk
EXECUTIVE ORDER 13650 Chemical Facility Safety and Security: Providing ProtecFon Reduces Risk THE DAILY www.region6gazette.com - Since 2014 Executive Order (EO) 13650 signed August 1, 2013 - Result of
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationRCMP Support / Bylaw Services Department
RCMP Support / Bylaw Services Department business plan 2012-2014 TABLE OF CONTENTS 1. Our Services 1.1 Our Mandate 1.2 Lines of Business 2. Accomplishments 3. Implementing Sustainability 3.1 Strategy 1
More informationCOUNTERING IMPROVISED EXPLOSIVE DEVICES
COUNTERING IMPROVISED EXPLOSIVE DEVICES FEBRUARY 26, 2013 COUNTERING IMPROVISED EXPLOSIVE DEVICES Strengthening U.S. Policy Improvised explosive devices (IEDs) remain one of the most accessible weapons
More informationZubair A Rehman Bin Saeed
Zubair A Rehman Bin Saeed https://pk.linkedin.com/in/zubairabdulrehmanbinsaeed 0304-6090990 / 0324-500559 Pakistan Safety Security & Loss Prevention Management Protecting People Assets & Property I am
More informationGrid Security & NERC
Grid Security & NERC Janet Sena, Senior Vice President, Policy and External Affairs Southern States Energy Board 2017 Associate Members Winter Meeting February 27, 2017 Recent NERC History Energy Policy
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Protective Security Coordination Division Overview ND Safety Council Annual Conference
More informationGlobal Risks Peculiar to Resorts: Richard G. Hudak Managing Partner Resort Security Consulting Inc.
Global Risks Peculiar to Resorts: Prevention, Management, Litigation Richard G. Hudak Managing Partner Resort Security Consulting Inc. www.resortsecurity.com Presenters Richard G. Hudak, Managing Partner,
More informationIntroduction to the NYISO
Introduction to the NYISO Power Control Center Guilderland, NY July 21, 2011 1 Today s Topics NYISO History NYISO Roles & Governance NYISO Markets Building Reliability Emerging Trends 2 Evolution of the
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationBUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW
BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW EXECUTIVE SUMMARY CenturyLink is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business
More informationSituational Crime Prevention in Anti-Terrorism Efforts
NASSAU COUNTY POLICE DEPARTMENT Situational Crime Prevention in Anti-Terrorism Efforts 20 th Annual Problem Oriented Policing Conference Tuesday September 22, 2009 Thomas R. Suozzi County Executive Lawrence
More informationPROVIDING INVESTIGATIVE SOLUTIONS
PROVIDING INVESTIGATIVE SOLUTIONS Experienced Professionals Northeast Intelligence Group, Inc. (NEIG) has been helping clients meet challenges for more than twenty years. By providing meaningful and timely
More informationIntegration of Business Continuity, Emergency Preparedness, and Emergency Response
Integration of Business Continuity, Emergency Preparedness, and Emergency Response Continuity Insights Conference 2014 Julia Halsne Manager of Business Continuity East Bay Municipal Utility District Contents
More informationAirport Security & Safety Thales, Your Trusted Hub Partner
Airport Security & Safety Thales, Your Trusted Hub Partner www.thalesgroup.com/shield Securing People Ensuring Business Continuity Protecting Assets Thales Credentials Thales is a leading international
More informationTexas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13
Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13 I. Vision A highly reliable and secure bulk power system in the Electric Reliability Council of Texas
More informationCyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations. Arkansas Joint Committee on Energy March 16, 2016
Cyber Security Panel Discussion Gary Hayes, SVP & CIO Technology Operations Arkansas Joint Committee on Energy March 16, 2016 CenterPoint Energy, Inc. (NYSE: CNP) Regulated Electric and Natural Gas Utility
More informationPREPARED STATEMENT OF ERNEST R. FRAZIER, SR., ESQ. AMTRAK, CHIEF OF POLICE AND SECURITY DEPARTMENT
PREPARED STATEMENT OF ERNEST R. FRAZIER, SR., ESQ. AMTRAK, CHIEF OF POLICE AND SECURITY DEPARTMENT HOUSE TRANSPORTATION & INFRASTRUCTURE SUBCOMMITTEE ON RAILROADS Oversight Hearing on Railroad Security
More informationCritical Infrastructure
Critical Infrastructure 1 Critical Infrastructure Can be defined as any facility, system, or function which provides the foundation for national security, governance, economic vitality, reputation, and
More informationNumber: USF System Emergency Management Responsible Office: Administrative Services
POLICY USF System USF USFSP USFSM Number: 6-010 Title: USF System Emergency Management Responsible Office: Administrative Services Date of Origin: 2-7-12 Date Last Amended: 8-24-16 (technical) Date Last
More informationYour One Source for Federal Solutions
Your One Source for Federal Solutions GSA Contract Vehicles Dedicated Federal and Technical Teams Local Presence, International Network About WESCO The WESCO Federal Advantage Government Team Commitment
More informationSECURITY CODE. Responsible Care. American Chemistry Council. 7 April 2011
American Chemistry Council Responsible Care SECURITY CODE 7 April 2011 Debra Phillips Managing Director, Responsible Care American Chemistry Council Why develop a Separate Security Code? Need for a clearly
More informationFEMA Region IX. RRCC Watch Center. August 2009
FEMA Region IX RRCC Watch Center August 2009 Mission The Regional Response Coordination Center (RRCC) Watch Center is a 24-Hour, 7-Day-Per-Week Function that maintains Regional Situational Awareness of
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More informationSTANDARD OPERATING PROCEDURE Critical Infrastructure Credentialing/Access Program Hurricane Season
STANDARD OPERATING PROCEDURE Critical Infrastructure Credentialing/Access Program Hurricane Season IBERIA PARISH STATE OF LOUISIANA STANDARD OPERATING PROCEDURE Critical Infrastructure Owners/Operators
More informationEmergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:
ESF Coordinator: Homeland Security/National Protection and Programs/Cybersecurity and Communications Primary Agencies: Homeland Security/National Protection and Programs/Cybersecurity and Communications
More informationNERC Staff Organization Chart
NERC Staff Organization Chart President and CEO Administrative Associate Director to the Office of the CEO Associate Director, Member Relations and MRC Secretary Senior Vice President and Chief Reliability
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationAlternative Fuel Vehicles in State Energy Assurance Planning
+ Alternative Fuel Vehicles in State Energy Assurance Planning July 17, 2014 Webinar hosted by the National Association of State Energy Officials (NASEO), with support from the U.S. Department of Energy
More informationGridEx IV Initial Lessons Learned and Resilience Initiatives
GridEx IV Initial Lessons Learned and Resilience Initiatives LeRoy T. Bunyon, MBA, CBCP Sr. Lead Analyst, Business Continuity 2017 GridEx IV GridEx is a NERC-sponsored, North American grid resilience exercise
More informationDHS Overview of Sustainability and Environmental Programs. Dr. Teresa R. Pohlman Executive Director, Sustainability and Environmental Programs
DHS Overview of Sustainability and Environmental Programs Dr. Teresa R. Pohlman Executive Director, Sustainability and Environmental Programs DHS Mission DHS Organization Getting to Know DHS Mission: Secure
More information2010 HURRICANE SEASON PREPARATION BRIEFING
2010 HURRICANE SEASON PREPARATION BRIEFING PSC Workshop May 17, 2010 Barbara Quinones, Director City of Homestead, Homestead Energy Services Today s Presentation System Overview Hurricane Experience Storm
More informationCritical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division
Critical Infrastructure Protection and Suspicious Activity Reporting Texas Department of Public Safety Intelligence & Counterterrorism Division GOAL: Prevent terrorist attacks in Texas and prevent criminal
More informationChemical Facility Anti-Terrorism Standards. T. Ted Cromwell Sr. Director, Security and
Chemical Facility Anti-Terrorism Standards T. Ted Cromwell Sr. Director, Security and NJ ELG Operations Meeting Today s Presentation ACC Action Major Rule Components Select Risk-Based Performance Standards
More informationGrid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016
Grid Security & NERC Council of State Governments The Future of American Electricity Policy Academy Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016 1965 Northeast blackout
More informationASSEMBLY, No STATE OF NEW JERSEY. 217th LEGISLATURE INTRODUCED FEBRUARY 4, 2016
ASSEMBLY, No. STATE OF NEW JERSEY th LEGISLATURE INTRODUCED FEBRUARY, 0 Sponsored by: Assemblywoman VALERIE VAINIERI HUTTLE District (Bergen) Assemblyman DANIEL R. BENSON District (Mercer and Middlesex)
More informationCincinnati/Northern Kentucky International Airport. Partnership for Nuclear Security Insider Threat Summit September, 2015
Cincinnati/Northern Kentucky International Airport Partnership for Nuclear Security Insider Threat Summit September, 2015 Cincinnati USA Story 2 28 th largest metropolitan area in the USA with 2.1M population
More informationPIPELINE SECURITY An Overview of TSA Programs
PIPELINE SECURITY An Overview of TSA Programs Jack Fox Pipeline Industry Engagement Manager Surface Division Office of Security Policy & Industry Engagement May 5, 2014 TSA and Pipeline Security As the
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationEXHIBIT A. - HIPAA Security Assessment Template -
Department/Unit: Date: Person(s) Conducting Assessment: Title: 1. Administrative Safeguards: The HIPAA Security Rule defines administrative safeguards as, administrative actions, and policies and procedures,
More informationBPF GLOBAL SECURITY DETECT DEFEND DETER. Company Profile
BPF GLOBAL SECURITY Company Profile BPF GLOBAL SECURITY Guarding, patrolling and protecting Australia wide BPF Global Security is a specialist Security and Facilities Management company providing professional
More informationMassMutual Business Continuity Disclosure Statement
MassMutual Business Continuity Disclosure Statement Overview Resiliency is a high priority at Massachusetts Mutual Life Insurance Company ( MassMutual or the Company ). To that end, significant investments
More informationDIRECT TESTIMONY OF RICHARD P. NUZZO (SECURITY INFRASTRUCTURE)
BEFORE THE NEW YORK STATE PUBLIC SERVICE COMMISSION ----------------------------------------------------------------------------x Proceeding on Motion of the Commission as to the Rates, Charges, Rules
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationLaguna Honda Hospital and Rehabilitation Center. Security Management Plan
Laguna Honda Hospital and Rehabilitation Center Security Management Plan 2018-2019 REFERENCES California Code of Regulations, Title 8, Sections 8 CCR 3203 et seq. California Code of Regulations, Title
More informationChemical Facility Anti- Terrorism Standards
SATA Presentation Regarding Chemical Facility Anti- Terrorism Standards Joe Hartline, CHMM Rindt-McDuff Associates Marietta, Georgia October 6, 2007 Presentation Outline Introduction Rule Requirements
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationConvergence of BCM and Information Security at Direct Energy
Convergence of BCM and Information Security at Direct Energy Karen Kemp Direct Energy Session ID: GRC-403 Session Classification: Advanced About Direct Energy Direct Energy was acquired by Centrica Plc
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationInformation Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
More informationELECTRIC UTILITY SECTOR PHYSICAL THREATS (DBT) & RESPONSE PLANNING
ELECTRIC UTILITY SECTOR PHYSICAL THREATS (DBT) & RESPONSE PLANNING Helping to keep the lights on, businesses running and communities strong 1 Objectives The Utility Business has Changed Methodology Program
More informationInformation Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV
Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV Location: https://www.pdsimplified.com/ndcbf_pdframework/nist_csf_prc/documents/identify/ndcbf _ITSecPlan_IDGV2017.pdf
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationIf you have any questions regarding this survey, please contact Marcell Reid at or Thank you for your support!
ABBVIE GLOBAL SUPPLIER SUSTAINBILITY PROGRAM Annual Supplier Sustainability As an important supplier to AbbVie, we would like to document and assess your company s activities and progress regarding sustainability
More informationCritical Cyber Asset Identification Security Management Controls
Implementation Plan Purpose On January 18, 2008, FERC (or Commission ) issued Order. 706 that approved Version 1 of the Critical Infrastructure Protection Reliability Standards, CIP-002-1 through CIP-009-1.
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationVALUE OF A CYBERSECURITY SELF-ASSESSMENT
VALUE OF A CYBERSECURITY SELF-ASSESSMENT RC3 Self-Assessment Research Program RC3 Self-Assessment Research Program Directors Cybersecurity Ecosystem CEO/GM E&O Member Services Marketing Information Technology
More informationDisaster Recovery and Business Continuity Planning (Mile2)
Disaster Recovery and Business Continuity Planning (Mile2) Course Number: DRBCP Length: 4 Day(s) Certification Exam This course will help you prepare for the following exams: ABCP: Associate Business Continuity
More informationSecurity Program Design:
Security Program Design: A Critical Infrastructure Protection Model Experience, Dedication, and Leadership July 17-18, 2013 Toronto, Ontario CAN in Security EDUCATION Earn up to 16 CPEs Are you confident
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationSecuring the Grid and Your Critical Utility Functions. April 24, 2017
Securing the Grid and Your Critical Utility Functions April 24, 2017 1 Securing the Grid Effectively and Efficiently Recent threats to the Electric Grid and the importance of security Standards and Requirements
More informationThe Deloitte-NASCIO Cybersecurity Study Insights from
The Deloitte-NASCIO Cybersecurity Study Insights from 2010-2016 August 21, 2018 Srini Subramanian State Government Sector Leader Deloitte Erik Avakian CISO Pennsylvania Michael Roling CISO Missouri Meredith
More information1. Post for 45-day comment period and pre-ballot review. 7/26/ Conduct initial ballot. 8/30/2010
Standard CIP 011 1 Cyber Security Protection Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes
More informationOregon Department of Justice
Oregon Department of Justice Created in response to the 9/11 Commission Report Currently 78 Fusion Centers in the US Fusion Centers are unique in design, but the operation mission is the same nationally
More informationJim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas
Jim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas Facts expressed in this presentation are Facts Opinions express in this presentation are solely my own The voices I
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationJim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas
Jim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas Facts expressed in this presentation are Facts Opinions express in this presentation are solely my own The voices I
More informationSecurity Guideline for the Electricity Sector: Physical Security
Security Guideline for the Electricity Sector: Physical Security Preamble: It is in the public interest for NERC to develop guidelines that are useful for improving the reliability of the bulk electric
More informationChapter 1. Chapter 2. Chapter 3
Contents Preface ix Chapter 1 Terrorism 1 Terrorism in General 2 Definition of Terrorism 3 Why Choose Terrorism 4 Goals of Terrorists 5 Selection of Targets and Timing of Attacks 6 Perpetrators 7 Weapons
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Regional Resiliency Assessment Program 2015 State Energy Risk Assessment Workshop April
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationTechnical Conference on Critical Infrastructure Protection Supply Chain Risk Management
Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Remarks of Marcus Sachs, Senior Vice President and the Chief Security Officer North American Electric Reliability
More informationMNsure Privacy Program Strategic Plan FY
MNsure Privacy Program Strategic Plan FY 2018-2019 July 2018 Table of Contents Introduction... 3 Privacy Program Mission... 4 Strategic Goals of the Privacy Office... 4 Short-Term Goals... 4 Long-Term
More information